Presentation is loading. Please wait.

Presentation is loading. Please wait.

Impact of Convergence on Information Security July 07, 2011 Pankaj Agrawal Head - IT Governance & CISO Aircel.

Similar presentations


Presentation on theme: "Impact of Convergence on Information Security July 07, 2011 Pankaj Agrawal Head - IT Governance & CISO Aircel."— Presentation transcript:

1 Impact of Convergence on Information Security July 07, 2011 Pankaj Agrawal Head - IT Governance & CISO Aircel

2 Agenda What is Convergence Impact New Challenges – Telco Operators Ways to Facilitate Convergence Risk Convergence

3 What is Convergence? Convergence is the tendency for different technological systems to evolve towards performing similar tasks. Convergence can refer to previously separate technologies such as voice (and telephony features), data (and productivity applications), and video that now share resources and interact with each other synergistically or Convergence describes technological and architectural changes that organization are making to enable the consolidation of multiple networks/ systems to a single infrastructure.

4 Convergence - Communication Internet Mobile Telecom Wireless Technologies Information Technologies Fixed telecom Broadcasters Cable TV Others Conver gence

5 ExamplesTransitional Impact Infrastructure Routers Firewalls Switches Cabling Network point Wi-Fi access points Third party links (eg MPLS) Enabled the business to connect multiple, previously separate networks and introduce new network functionality to open the existing data network to new devices and services Manage network infrastructure as a single entity Impact of Convergence ExamplesTransitional Impact Devices IP telephones CCTV cameras Electronic door locks PDAs Printers IP-enabled machinery Connection of a wide range of newly IP-enabled devices to the network Up gradation of existing devices that allows the use of some services introduced to the converged network (eg VoIP software on a PC) ExamplesTransitional Impact Services User services: Voice calls (VoIP) Video monitoring Video conferencing Remote forensic imaging Network services: Domain Name Service Network Time Protocol Services that were previously carried over dedicated circuits (eg analogue telephone signals) have been converted to packet data allowing their integration and transmission as services carried across the converged network using IP ExamplesTransitional Impact Infrastructure Routers Firewalls Switches Cabling Network point Wi-Fi access points Third party links (eg MPLS) Enabled the business to connect multiple, previously separate networks and introduce new network functionality to open the existing data network to new devices and services Manage network infrastructure as a single entity Devices IP telephones CCTV cameras Electronic door locks PDAs Printers IP-enabled machinery Connection of a wide range of newly IP- enabled devices to the network Up gradation of existing devices that allows the use of some services introduced to the converged network (eg VoIP software on a PC) Services User services: Voice calls (VoIP) Video monitoring Video conferencing Remote forensic imaging Network services: Domain Name Service Network Time Protocol Services that were previously carried over dedicated circuits (eg analogue telephone signals) have been converted to packet data allowing their integration and transmission as services carried across the converged network using IP

6 Multi-Layered Convergence Process Customer Convenience From generalized to personalized communication Device Convergence Universality Networks Convergence Inter-connection and Inter-operability Service Convergence New Sell and Price Strategies Sector and Market Convergence Converged Institutional bases

7 New Challenges – Telco Operators Convergence Service convergence N-play services / N-play economics Extends demand for broadband access Market structure Strategic alliances (Content, Media, etc.) Mergers and acquisitions Consolidation New business models Falling costs of traditional communication Merger of customer base Lower margins / New value-added services… Costly investment programmes

8 Imperatives driving Convergence Rapid Expansion of Enterprise Ecosystem Value Migration from the Physical to Information based and intangible assets New Protective technologies blurring functional boundaries New Compliances and Regulatory regimes Continuing pressure to reduce cost Enterprises are becoming more complex in a global economy where external partners are increasing Increasingly, value is increasing from physical to information based assets Emerging technology is creating a bridge between physical and information security functions More regulations are developing in response to new threats and business interactions Enterprises are constantly trying to efficiently mitigate risk

9 Ways to Facilitate Convergence Build a trusted information sharing relationship Establish uniform security language in contracts Develop staff with knowledge of external stakeholders Identify white space risks between traditional disciplines Develop an understanding of other groups roles and responsibilities Understand business value drivers Integrate and share initiatives Reach out across functional boundaries Increase in competitive advantage Migration of security as a cost center to one of value add Transformation of functional security staff to multi-disciplinary business assurance agents Convergence

10 Risk Convergence Risk convergence is a concept that allows an organisation to have a single picture of risk and an integrated (holistic) approach to risk management across the entire organisation. Senior Management Senior Management Legal IT Financ e OpsLegalIT Financ e Ops Multiple Risk Reports Single Risk Report Agreed risk terms, approaches and measures Non-Converged Risk Converged Risk

11 Drivers for Risk Convergence Increased number of legal and regulatory obligations favors single view of risk Establishing consistency with standards Converged Risk management will enable an organization to pursue business opportunities with a greater confidence Organizational stakeholders, market analysts and financial institutions treat converged organizations favorably By removing duplication associated with non-converged risk management Reducing headcount/ staff consolidation Cost Benefits Market Pressures Legal and Regulatory requirements Organizational Benefits

12 Challenges associated with Risk Convergence For example the Sarbanes-Oxley Act (US) has clear requirement to mitigate risks related to the integrity of financial information, but has no requirements to address operational risks Inappropriate Risk bias There are difficulties in bringing together different risk functions Ex:- Information Risk skills generally come from an IT / scientific background and Credit Risk comes from an accounting background Cultural and Political clash To reach a converged risk picture it is necessary to compare and contrast different types of risk and, to agree definition of terms and an agreed way to calculate risk Non-uniform risk landscape Organisations vary enormously in size, MNCs with strong regional bases to vast conglomerates Single view of risk may not be practical in such cases Organizational complexity There are specific risks in having a centralised approach to risk convergence, such as inherent weaknesses in the methodology and the masking of changing risks Reduced validation and verification

13 Examples of Convergence In pre-Convergence era, there were separate machines/ tools to provide for basic civilizations needs With the advent of technology focus is on Convergence of all the features into one device to provide for easy and secured solutions/ services Today smart phone provides all the services like memo pad, stereo, maps, GPS unit, camera and game machine Schalge, a lock maker markets a system that lets homeowners use their mobile phones to unlock their doors from miles away Daimler Benz has a mobile phone application that allows customers to unlock their car doors by pressing a button on their phone screen GM introduced an application that let owners to warm up the engine or fire up the air-conditioner from the comfort of their office cubilcle


Download ppt "Impact of Convergence on Information Security July 07, 2011 Pankaj Agrawal Head - IT Governance & CISO Aircel."

Similar presentations


Ads by Google